Set X-Content-Type-Options in Apache
Question:
How to set X-Content-Type-Options in Apache? Answer:
<IfModule mod_headers.c>
Header set X-Content-Type-Options "nosniff"
</IfModule>
Description:
The X-Content-Type-Options
response HTTP header is a marker used by the server to indicate that the MIME types advertised in the Content-Type headers should not be changed and be followed. This is a way to opt-out of MIME type sniffing, or, in other words, to say that the MIME types are deliberately configured.
Value nosniff
blocks a request if the request destination is of type:
- "style" and the MIME type is not text/css, or
- "script" and the MIME type is not a JavaScript MIME type
Reference:
X-Content-Type-Options reference
Share "How to set X-Content-Type-Options in Apache?"
Related snippets:
- Setup HTTPS for local development on Windows 10
- Set default encoding to UTF-8 using Apache
- Enable compression in Apache using htaccess
- Cache static content using htaccess
- Redirect all requests to index.php using htaccess
- Set X-Frame-Options on Apache webservers
- Redirect www to non-www on Apache webservers
- Automatically redirect HTTP to HTTPS on Apache webservers
- Set X-Content-Type-Options in Apache
Tags:
X-Content-Type-Options, apache, nosniff, header parameter Technical term:
Set X-Content-Type-Options in Apache